Audit Logs - Hitachi ID Password Manager

Background

No security process is perfect. Given enough time, enough systems
and a sufficiently large user population, some security compromise
is likely to happen. Password management, and authentication processes
in general, are no exception to this rule.

To mitigate the business risk of a security compromise in an
authentication process, it is important to introduce audit trails.
Audit trails record all security transactions, and allow the
organization to follow up on what actually happened after a
suspicious event takes place.

Audit trials can be combined with real-time alerts, for example
using e-mail, instant messaging or telephony / text messaging,
to trigger rapid investigation and automatic system defences,
such as intruder lockouts.

Audit trails are a core responsibility of a password management
system. Events such as authentication attempts and failures,
successful and failed user enrollments, successful and failed
password updates and more should all be logged, and should all
be able to trigger real-time alerts.

Hitachi ID Password Manager Logging

Over
189 events, including authentication success and
failure, intruder lockouts and security change requests and approvals,
for both users and administrators, are logged by Password Manager.